From 237500145389d52b170ef9f732e48d5153b522da Mon Sep 17 00:00:00 2001
From: Steven <stevenlgtm@gmail.com>
Date: Mon, 18 Sep 2023 21:50:59 +0800
Subject: [PATCH] chore: fix acl interceptor

---
 api/v2/acl.go | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/api/v2/acl.go b/api/v2/acl.go
index b3512525..86f45e77 100644
--- a/api/v2/acl.go
+++ b/api/v2/acl.go
@@ -13,6 +13,7 @@ import (
 	"google.golang.org/grpc/status"
 
 	"github.com/usememos/memos/api/auth"
+	"github.com/usememos/memos/common/util"
 	storepb "github.com/usememos/memos/proto/gen/store"
 	"github.com/usememos/memos/store"
 )
@@ -103,18 +104,22 @@ func (in *GRPCAuthInterceptor) authenticate(ctx context.Context, accessToken str
 		)
 	}
 
-	username := claims.Name
+	// We either have a valid access token or we will attempt to generate new access token.
+	userID, err := util.ConvertStringToInt32(claims.Subject)
+	if err != nil {
+		return "", errors.Wrap(err, "malformed ID in the token")
+	}
 	user, err := in.Store.GetUser(ctx, &store.FindUser{
-		Username: &username,
+		ID: &userID,
 	})
 	if err != nil {
 		return "", errors.Wrap(err, "failed to get user")
 	}
 	if user == nil {
-		return "", errors.Errorf("user %q not exists in the access token", username)
+		return "", errors.Errorf("user %q not exists", userID)
 	}
 	if user.RowStatus == store.Archived {
-		return "", errors.Errorf("user %q is archived", username)
+		return "", errors.Errorf("user %q is archived", userID)
 	}
 
 	accessTokens, err := in.Store.GetUserAccessTokens(ctx, user.ID)
@@ -125,7 +130,7 @@ func (in *GRPCAuthInterceptor) authenticate(ctx context.Context, accessToken str
 		return "", status.Errorf(codes.Unauthenticated, "invalid access token")
 	}
 
-	return username, nil
+	return user.Username, nil
 }
 
 func getTokenFromMetadata(md metadata.MD) (string, error) {